From 7351616b2a081bcc6351644b49ea4a3ba0ec5ef2 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Tue, 19 Jan 2016 08:15:45 +0100
Subject: fix JAVA reflection class instance problems, which is required for
 SAML1 and STORK2 protocol implementation

---
 .../id/auth/builder/AuthenticationDataBuilder.java |  7 ++---
 .../moa/id/moduls/AuthenticationManager.java       | 31 ++++++++++------------
 2 files changed, 18 insertions(+), 20 deletions(-)

(limited to 'id/server/idserverlib/src/main')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
index 998fa495f..dc4d7845b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
@@ -134,10 +134,11 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants {
 		
 		AuthenticationData authdata = null;		
 		
-		try {
-			Object saml1Requst = Class.forName("at.gv.egovernment.moa.id.protocols.saml1.SAML1RequestImpl").newInstance();
+		try {			
+			Class<?> saml1RequstTemplate = Class.forName("at.gv.egovernment.moa.id.protocols.saml1.SAML1RequestImpl");
 			IAuthData saml1authdata = (IAuthData) Class.forName("at.gv.egovernment.moa.id.protocols.saml1.SAML1AuthenticationData").newInstance();			
-			if (protocolRequest.getClass().isInstance(saml1Requst)) {
+			if (saml1RequstTemplate != null && 
+					saml1RequstTemplate.isInstance(protocolRequest)) {				
 				//request is SAML1
 				if (session.getExtendedSAMLAttributesOA() == null) {
 					saml1authdata.getClass().getMethod("setExtendedSAMLAttributesOA", List.class).invoke(saml1authdata, new ArrayList<ExtendedSAMLAttribute>());
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
index 86fcdb8b5..0fec742b1 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
@@ -52,7 +52,6 @@ import org.opensaml.saml2.core.NameIDPolicy;
 import org.opensaml.saml2.core.NameIDType;
 import org.opensaml.saml2.core.RequestedAuthnContext;
 import org.opensaml.saml2.core.StatusCode;
-import org.opensaml.saml2.core.Subject;
 import org.opensaml.saml2.metadata.EntityDescriptor;
 import org.opensaml.saml2.metadata.SingleLogoutService;
 import org.opensaml.saml2.metadata.SingleSignOnService;
@@ -74,7 +73,6 @@ import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
 import at.gv.egovernment.moa.id.auth.exception.BuildException;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.auth.modules.registration.ModuleRegistration;
-import at.gv.egovernment.moa.id.auth.parser.StartAuthentificationParameterParser;
 import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore;
 import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore;
 import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
@@ -82,12 +80,11 @@ import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 import at.gv.egovernment.moa.id.data.SLOInformationContainer;
 import at.gv.egovernment.moa.id.data.SLOInformationImpl;
-import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
-
 import at.gv.egovernment.moa.id.process.ExecutionContextImpl;
 import at.gv.egovernment.moa.id.process.ProcessEngine;
 import at.gv.egovernment.moa.id.process.ProcessExecutionException;
 import at.gv.egovernment.moa.id.process.api.ExecutionContext;
+import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
 import at.gv.egovernment.moa.id.protocols.pvp2x.PVPTargetConfiguration;
 import at.gv.egovernment.moa.id.protocols.pvp2x.binding.IEncoder;
 import at.gv.egovernment.moa.id.protocols.pvp2x.binding.PostBinding;
@@ -470,28 +467,27 @@ public class AuthenticationManager extends MOAIDAuthConstants {
 							SAML2Utils.createSAMLObject(AuthnContextClassRef.class);
 					
 					//check if STORK protocol module is in ClassPath
-					Object storkRequst = null;
+					Class<?> storkRequstTemplate = null;
 					Integer storkSecClass = null;
 					try {
-						storkRequst = Class.forName("at.gv.egovernment.moa.id.protocols.stork2.MOASTORKRequest").newInstance();
-						if (storkRequst != null && 
-								target.getClass().isInstance(storkRequst)) {
+						storkRequstTemplate = Class.forName("at.gv.egovernment.moa.id.protocols.stork2.MOASTORKRequest");
+						if (storkRequstTemplate != null && 
+								storkRequstTemplate.isInstance(target)) {
 							Object storkAuthnRequest = target.getClass().getMethod("getStorkAuthnRequest", null).invoke(target, null);
 							storkSecClass = (Integer) storkAuthnRequest.getClass().getMethod("getQaa", null).invoke(storkAuthnRequest, null);
 							
 						}
 												
-					} catch (ClassNotFoundException | InstantiationException | IllegalAccessException | IllegalArgumentException | InvocationTargetException | NoSuchMethodException | java.lang.SecurityException ex) {
+					} catch (ClassNotFoundException | IllegalAccessException | IllegalArgumentException | InvocationTargetException | NoSuchMethodException | java.lang.SecurityException ex) {
 						
 						
 					}
-					
-					
-					if (sp != null && sp.isSTORKPVPGateway()){
+										
+					if (sp != null && sp.isSTORKPVPGateway()) {
 						//use PVP SecClass instead of STORK QAA level
 						String secClass = null;
-						if (storkRequst != null && 
-								target.getClass().isInstance(storkRequst)) {
+						if (storkRequstTemplate != null && 
+								storkRequstTemplate.isInstance(target)) {
 							
 							try {									
 								secClass = PVPtoSTORKMapper.getInstance().mapToSecClass(
@@ -509,8 +505,8 @@ public class AuthenticationManager extends MOAIDAuthConstants {
 							authnClassRef.setAuthnContextClassRef("http://www.ref.gv.at/ns/names/agiz/pvp/secclass/0-3");
 											
 					} else {
-						if (storkRequst != null && 
-								target.getClass().isInstance(storkRequst)) {
+						if (storkRequstTemplate != null && 
+								storkRequstTemplate.isInstance(target)) {
 							//use requested QAA level from STORK request
 							try {
 								authnClassRef.setAuthnContextClassRef(
@@ -525,7 +521,8 @@ public class AuthenticationManager extends MOAIDAuthConstants {
 							
 						}
 						
-						if (MiscUtil.isEmpty(authnClassRef.getAuthnContextClassRef()))						
+						if (MiscUtil.isEmpty(authnClassRef.getAuthnContextClassRef()))
+							//TODO: switch to eIDAS QAA-levels
 							authnClassRef.setAuthnContextClassRef("http://www.stork.gov.eu/1.0/citizenQAALevel/4");
 						
 					}
-- 
cgit v1.2.3